# aabb.i4zhusao.icu — MALICIOUS

> Discover if aabb.i4zhusao.icu is safe. PhishDestroy reveals the high-risk phishing activity identified on this domain and what it means for your security.

## Summary
PhishDestroy categorizes aabb.i4zhusao.icu as a high-risk domain associated with generic phishing threats. This domain was designed to deceive users potentially by mimicking legitimate services, posing significant security risks to individuals who encounter it.

Supporting evidence includes detection by 10 out of 95 security vendors on VirusTotal and its presence on one security blocklist, indicating consensus about its malicious intent. The domain was registered recently on February 21, 2026, through Gname.com Pte. Ltd., and resolved to the IP address 172.245.67.31. The page title “爱思助手” suggests an attempt to impersonate a known software or service, which is a common phishing tactic to lure victims.

Currently, aabb.i4zhusao.icu is offline, reducing immediate risk; however, users should remain vigilant. PhishDestroy recommends avoiding interaction with suspicious URLs and ensuring updated security software to prevent phishing attacks. Monitoring domain status and using reputable threat intelligence resources can further enhance protection from similar threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: 爱思助手

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 172.245.67.31
- IP Country: US
- IP City: Santa Clara
- IP Org: AS36352 HostPapa
- Nameservers: ["expire1.gname-dns.com", "expire2.gname-dns.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 10 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Sophos", "Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199fb7d-c135-708d-9e39-111b85c685d8.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/72f797ba-1c2d-49c9-a26d-9305b89314d5
- PhishDestroy: https://phishdestroy.io/domain/aabb.i4zhusao.icu/
- LLM endpoint: https://phishdestroy.io/domain/aabb.i4zhusao.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/aabb.i4zhusao.icu/
Last updated: 2026-03-19